Seven lessons learned from the Gawker and McDonalds hack attacks

Email addresses and passwords for millions of Gawker and McDonalds fans have been exposed -- and yours may be among them.


[ See also: Will Anonymous target Facebook Next? ]

McDonalds per se didn't get hacked; instead, it was a third party hired to handle its email promotions that got nailed. The booty there included names, contact info, and birthdays for an undisclosed number of Mickey D's customers.

Even if you don't give a damn about Gawker or McSlurries and have never visited either site, there are lessons you can garner that apply across the Web. And the biggest ones have to do with how you choose and use passwords and log ons.

1. Segregate your passwords. Unless you use a password vault like those from Billeo, Roboforms, or MyOneLogin, it's impossible to choose a unique and hard-to-guess password for every friggin' site with a log in screen. In fact, the average Internet user has to remember 156 passwords, according to Billeo. So you need to pick your spots -- don't use the same password for logging into a blog's comments field as you would for logging into your bank, for example. Use a common password for the accounts where you don't give a damn, and unique ones for everything that matters.

Personally, if somebody got my Gawker log in and started posting stupid things in my name it would not be a good thing, but it wouldn't be the end of the world either. (It also wouldn't be the first time that, ahem, stupid comments were associated with my name.) If someone got my banking log-on, though, that would entirely suck.

So if you've been using the same passwords for everything, it's time to change the important ones. Do it now; I'll wait.

2. Use obscure user names. Some sites require you to enter your email address as your log on, which is both easier to remember and easier to hack. If you have the option to use a username, pick that instead. It may still be associated with your email address in the hacked company's database, but it's one less clue to your identity on other sites.

Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question